ASOC Monthly Security Bulletin

Home > Resources > ASOC Security Bulletin

Learn more about the latest Cybersecurity trends in the February edition of our monthly Security bulletin. The topics that we covered this month are:

  • Vulnerabilities in Firefox require immediate update.
  • Major vulnerability in crypt32 component of Windows that was reported by NSA patched.
  • Ransomware campaigns with new tricks – from wake switched off devices on the network and bypass UAC to stealing data.
  • Containers security is not easy as it seems.

Our special edition of the Emerging Threat Security Bulletin covers the possible vulnerability scenarios from the recent “Chain of Fools” / “Curveball” attack. Read it to learn what our ASOC team has prepared on the topic.

Our January Security Bulletin covers the following topics:

  • Ransomware attacks are now full-blown data breaches.
  • New Iranian-backed wiper targets Energy and Industry in Middle East.
  • Data breaches in high-profile US based data-center.
  • Vulnerabilities in Chrome Browser, WordPress CMS plug-ins and Citrix platforms.

Our December Security Bulletin covers the following topics:

  • Huge breach from mysterious server leaks data on 1.2 Billion people
  • New cleverer and scarier Ransomwares in the wild claim victims
  • After decrease in 2019, DDoS attacks are on the rise again
  • Vulnerabilities in Windows patched, new ones discovered in popular VNC libraries

Our November Security Bulletin covers the following topics:

  • Breaches in Zendesk, Avast and couple of VPN providers target the Supply Chain in order to compromise users of the technologies easier.
  • Bug in very popular PHP can allow remote code execution on Nginx servers.
  • Following breaches and leaks, password-stuffing attacks rise in popularit.
  • Records for 92 million Brazilians are sold on the dark market – starting price is just $15000.

Our October Security Bulletin covers the following topics:

  • Data leak on most of Ecuador’s citizens with more than 20 mil personal records
  • Six hackers now millionaires because of bug bounty programs, with Android 0-day now worth 2.5 mil $
  • North Korea focusing on bitcoin thefts
  • New threats groups and 0-day attacks against vBulletin in the wild.

Our September Security Bulletin covers the following topics:

  • New data breaches in popular custom merch site, poker software website and hosting platform
  • Reports on IT complexity and how AI can change cyber-security
  • How to secure cloud from misconfigurations and MS SQL servers from malicious jobs
  • Versions of popular Squid web proxy vulnerable

Our August Security Bulletin covers the following topics:

  • New data breaches, including financial data of more than 5 mln Bulgarians, and personal details including nude pictures from dating apps are emerging
  • Facebook is fined 5 bln USD in largest ever consumer privacy violation penalty
  • New malware variant and campaigns are produced from APTs and cybercriminals alike, involving new ways to spread and infect targets
  • Increased Business Email Compromise fraud is claiming more than 1.2 bln USD losses

Our July Security Bulletin covers the following topics:

  • 440 Milions of Android users affected by obnoxious advertising that can render phone unusable.
  • New breaches affecting private data of more than 20 millions of US residents investigated in AMCA and Desjardins Group.
  • High severity vulnerabilities patched in Linux kernel, Dell support software and Cisco’s DCNM.
  • Cyber criminals continue to evolve their methods with new attack vectors and techniques to avoid detection.
  • Two cities in Florida, US decided to pay ransomware gangs more than US $1 mln.

Оur June Security Bulletin covers the following topics:

  • The five horsemen of malicious spam.
  • No honour among thieves. The war between crypto-mining hackers.
  • Tales from the SOC.
  • Newest attack on iPhone and Pixel.
  • Missed call or attack in action.

Оur May Security Bulletin covers the following topics:

  • 540 Million Facebook user records leaked… Not their fault though
  • Facebook black market with 385K users found
  • Cybercrimes pays off- $2.7 Billion according to the FBI
  • Yahoo offers $117.5M settlement in data breach lawsuit
  • Zero trust. Your privileged users could be one of your biggest weaknesses

Оur April Security Bulletin covers the following topics:

  • Facebook stored passwords in plain text for years. And they say it’s ok.
  • Smart car alarms bring more threats than security.
  • Incident response and how to improve it.
  • 1.8 Million Users Attacked by Android Banking Malware
  • Google Fined $1.7 Billion for Anti-Competitive Practices in Online Advertising

Оur March Security Bulletin covers the following topics:

  • CriptoCurrency fraud has gone mobile
  • Your Smart Coffee Maker is Brewing Up Trouble
  • Super Mario – from an adorable plumber to ransomware trouble maker
  • IoT devices and the threats they bring with them
  • Google Android devices no longer need passwords

Оur February Security Bulletin covers the following topics:

  • The Cyber Jackpot has been hit. The winners – all malicious actors who now have access to 773M credentials dumped on the dark web.
  • Google has been slapped with the largest so far $57M GDPR slap.
  • How to hack a company with a box of doughnuts?
  • What’s the cost of a cyber-attack and can you afford one?
  • The Data Privacy Day and Data Privacy development throughout the years.

Оur December-January Security Bulletin covers the following topics:

  • Amazon sends 1,700 Alexa voice recordings to a random person
  • How secure the secure messaging apps really are?
  • Malicious memes on Twitter
  • Facebook in hot water yet again
  • Most used passwords for 2018

Оur November Security Bulletin covers variety of interesting topics:

  • Stuxnet on steroids strikes Iran- allegedly
  • IoT- the bigger the interconnectivity, the bigger the security implications
  • The new DiskCryptor ransomware- what it does and how to protect ourselves from it
  • How safe is Facebook actually? Private messages from at least 81K accounts put on the market. Nearly 120 million more to come…
  • Are you paying for your Ford with your privacy data?
  • Threat predictions for industrial security in 2019
  • Marriott reveals data breach of 500 million guests
Телелинк | Telelink | Enterprise Solutions and Technical Services | Solutions and Capabilities to meet your business challenges.

In our October Security Bulletin you will find out information about:

  • The big risks for the small business and how to mitigate them
  • Artificial Intelligence: The good, the bad & the cyber unknown
  • Facebook- Third-Party Apps breach concerns, Millions of people “get” the bug and the Cambridge Analytica fine
  • US Advanced Weaponry Is Easy to Hack, Even by Low-Skilled Attackers
  • Google cracks down on malicious extensions… and its own Google+

Our September Security Bulletin covers variety of interesting topics:

  • Why Elon Musk invites hackers to torpedo Tesla firmware
  • New trends in the world of IoT threats
  • The 4 new smart office security risks and how to mitigate them
  • Your web applications are more vulnerable than you think
  • The five weakest links in cybersecurity that target the supply chain
Телелинк | Telelink | Enterprise Solutions and Technical Services | Solutions and Capabilities to meet your business challenges.

The August Security Bulletin prepared by our Advanced Security Operations Center (ASOC) is already out. You will find out information about:

  • Which are the latest cybersecurity vulnerabilities and threats?
  • GDPR phishing or fraudulent attempt to obtain sensitive information?
Телелинк | Telelink | Enterprise Solutions and Technical Services | Solutions and Capabilities to meet your business challenges.

The July Monthly Security Bulletin prepared by our Advanced Security Operations Center (ASOC) is already out. You will find out information about:

  • Which are the latest cybersecurity vulnerabilities and threats?
  • Should users of IoT robot vacuums have concerns?